I also have done the following: 1. ipsec up home
2. I get the following in response initiating IKE_SA home[1] to 127.0.0.2 configured DH group MODP_2048 not supported tried to check-in and delete nonexisting IKE_SA establishing connection 'home' failed Thanks! Brian On Tue, May 6, 2014 at 9:06 AM, Brian Watson <[email protected]> wrote: > I have setup strongswan with the config files on 2 virtual boxes running > Ubuntu 14.04. I have the following with the 2nd virtual machine basically > mirroring the first with the exception of the ip address being swapped > around: > > 1. I setup the config files on 2 Ubuntu virtualbox machines > ipsec.conf > ------------------------- > config setup > > conn %default > ikelifetime=60m > keylife=20m > rekeymargin=3m > keyingtries=1 > keyexchange=ikev2 > authby=secret > > conn home > left=127.0.0.2 > leftfirewall=no > right=127.0.0.3 > auto=add > > ipsec.secrets > ------------------------------ > 127.0.0.2 : PSK <shared secret> > > strongswan.conf > ------------------------------- > charon { > load = aes des sha1 sha2 md5 gmp random nonce hmac stroke > kernel-netlink socket-default updown > } > > 2. I issue "sudo ipsec start" and status commands and get the following: > > Starting strongSwan 5.1.2 IPsec [starter]... > !! Your strongswan.conf contains manual plugin load options for charon. > !! This is recommended for experts only, see > !! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad > brianswan3@brianswan3-VirtualBox:/etc$ sudo ipsec status > Security Associations (0 up, 0 connecting): > none > > 3. The fact that it shows no security associations implies to me that it > didn't work. Is this true and is there something obvious that I'm doing > wrong? > > Thanks, > Brian >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
